From owner-freebsd-questions Mon Jun 5 11:49:31 2000 Delivered-To: freebsd-questions@freebsd.org Received: from be-well.ilk.org (lowellg.ne.mediaone.net [24.147.184.128]) by hub.freebsd.org (Postfix) with ESMTP id A3C0537B5AA for ; Mon, 5 Jun 2000 11:49:23 -0700 (PDT) (envelope-from lowell@be-well.ilk.org) Received: (from lowell@localhost) by be-well.ilk.org (8.9.3/8.9.3) id OAA94501; Mon, 5 Jun 2000 14:49:22 -0400 (EDT) (envelope-from lowell) From: Lowell Gilbert Organization: not as good as I thought, apparently To: freebsd-questions@freebsd.org Subject: Re: User-mounting floppies (was Re: stupid questions) References: <200006051817.UAA79061@m2.dynas.se> Date: 05 Jun 2000 14:49:22 -0400 In-Reply-To: Mikko Tyolajarvi's message of "Mon, 5 Jun 2000 20:17:46 +0200 (CEST)" Message-ID: <444s78ote5.fsf@lowellg.ne.mediaone.net> Lines: 21 X-Mailer: Gnus v5.7/Emacs 20.6 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Mikko Tyolajarvi writes: > In freebsd-questions you write: > > >One of the hardest cases is that of a public "terminal room," where > >not only can't the users be given root powers, but their files have to > >be protected from *each* *other* as well, and only the person with > >physical access to the drive should be able to mount (or umount) the > >device. In FreeBSD, the only way I can think of to do this is by > >using xdm (or equivalent), and adjusting permissions to the relevant > >devices in much the same way as is done for the console. > > Have a look at fbtab(5). Good point. That's another implementation of exactly the same idea. I left out, unfortunately, the *other* key part, which is protecting the filesystem (if any) as opposed to the device. If you do a mount, you have to watch the permissions on your mount point. - Lowell To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message